SSL Certificate Analysis for avantagecpo.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=stg.admin.smile-package.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 04, 2025

Valid Until

February 02, 2026 79 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7D:D3:C3:03:38:58:18:5F:53:FF:DE:74:E5:19:F2:E3:74:E0:BE:47:0A:90:29:27:65:5E:F5:D2:8A:E4:F0:D9

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

avantagecpo.com

Other domains in certificate

1on1talk.app2.1on1navi.com

portfolio.airoc.nl

grupomega.akibaa.com

andrechenriques.com

arsenal.anduril.com

pheno.anuvabio.io

armadordepercurso.com.br

azora.app

www.azvn.app

paufc.deeplinks.bfansports.com

landing.blmbastion.nl

dev.admin.cabinetdeals.com

dev.open-us.cardiosignal.com

www.ccjopartnerstrading.com

vision.celushop.com.ar

www.admin.certifysimple.com

www.china-chats.com

speccon.cnfg.app

www.philosophy.co.il

collctiv.app

pd2.conseq.uk

l-staging.convoz.com

www.corvinodesigns.com

geo.cuadraporcuadra.com

glamorgan.devpass.co.uk

dingajudge.com

www.elastikobjective.com

video.feedback.feelalytics.com

feelinsoupy.com

demo.fitexgo.com

app.focusokr.com

freebusinesscontracts.com

join.getfinally.com

ghosts-art-legacy.com

link.gobizdev.com

www.haagistvan.com

daoducduong-20215551-cv-student.id.vn

www.jimw.ca

jj-fineline.ca

eventually.jorgetheengineer.com

client-dev.kleenwayservices.com

permits.lasepa.com

latter.page

www.leafautos.com

www.app.staging1.learningsuite.at

auth.localmasjid.com

pro.logbook.com.co

lovejoburg.org

aayulinks.medcords.com

mercan.mercari.com

editor.michaelpdidier.com

mindmakersproject.org

mirasasse.com

www.mj12358.dev

paopao.moderntea.ch

muchoos.com

adyt.my.id

www.myasedi.com

go.mybloodpressuretip.com

nipunenterprises.com

beta.nitetoast.com

ngpanel.noisegrasp.com

moderator.novo-connect.com

event.othellonia.com

pages.parsonsbehlelab.com

photopal.app

photoratingsystem.com

gozcc1.pksquad.com

app.planm8.io

www.playtrimmingsails.com

www.pluraling.com

www.myresourcesite.propelledbrands.com

app.qcha.ovh

auth-dev.qoodish.com

shop.queue.lol

www.raad.work

www.rckit.app

ufs-workflow-viz.renatn.com

cliente.rflex.io

shoks.net

siscoven.com

skingenie.app

stg.admin.smile-package.com

cscabinet.studiossolution.com

mazerats.taytay.ca

teyoh.com

thefrankemon.dev

tigerstudios.com

www.top-ten.app

testing.topic.com.ar

trickstratapp.com

tuxedolab.info

app.voicepop.de

www.wavelette.io

www.worldviewsoftware.com

xii.agency

www.yelobus.app

api.yodd.health